Per Client Cookie Handling With Jersey
Per Client Cookie Handling With Jersey
Join the DZone community and get the full member experience.
Join For FreeSecure your Java app or API service quickly and easily with Okta's user authentication and authorization libraries. Developer accounts are free forever. Try Okta Instead.
A lot of REST services will use cookies as part of the authentication / authorisation scheme. This is a problem because by default the old Jersey client will use the singletonCookieHandler.getDefault which is most cases will be null and if not null will not likely work in a multithreaded server environment. (This is because in the background the default Jersey client will use URL.openConnection)
Now you can work around this by using the Apache HTTP Client adapter for Jersey; but this is not always available. So if you want to use the Jersey client with cookies in a server environment you need to do a little bit of reflection to ensure you use your own private cookie jar.
final CookieHandler ch = new CookieManager();
Client client = new Client(new URLConnectionClientHandler(
new HttpURLConnectionFactory() {
@Override
public HttpURLConnection getHttpURLConnection(URL uRL) throws IOException {
HttpURLConnection connect = (HttpURLConnection) uRL.openConnection();
try {
Field cookieField = connect.getClass().getDeclaredField("cookieHandler");
cookieField.setAccessible(true);
MethodHandle mh = MethodHandles.lookup().unreflectSetter(cookieField);
mh.bindTo(connect).invoke(ch);
} catch (Throwable e) {
e.printStackTrace();
}
return connect;
}
}));
This will only work if your environment is using the internal implementation ofsun.net.www.protocol.http.HttpURLConnection that comes with the JDK. This appears to be the case for modern versions of WLS.
For JAX-RS 2.0 you can do a similar change using Jersey 2.x specific ClientConfig classand HttpUrlConnectorProvider.
final CookieHandler ch = new CookieManager();
Client client =
ClientBuilder.newClient(new ClientConfig().connectorProvider(new HttpUrlConnectorProvider().connectionFactory(new HttpUrlConnectorProvider.ConnectionFactory() {
@Override
public HttpURLConnection getConnection(URL uRL) throws IOException {
HttpURLConnection connect = (HttpURLConnection) uRL.openConnection();
try {
Field cookieField = connect.getClass().getDeclaredField("cookieHandler");
cookieField.setAccessible(true);
MethodHandle mh = MethodHandles.lookup().unreflectSetter(cookieField);
mh.bindTo(connect).invoke(ch);
} catch (Throwable e) {
e.printStackTrace();
}
return connect;
}
})));
Secure your Java app or API service quickly and easily with Okta's user authentication and authorization libraries. Developer accounts are free forever. Try Okta Instead.
Like This Article? Read More From DZone
Published at DZone with permission of Gerard Davison , DZone MVB. See the original article here.
Opinions expressed by DZone contributors are their own.
{{ parent.title || parent.header.title}}
{{ parent.tldr }}
{{ parent.linkDescription }}
{{ parent.urlSource.name }}